Kaspersky Anti-Ransomware Tool for Business has the following known limitations:
The application does not check the SMTP server certificate when sending reports to the administrator.
If you use a proxy server to connect to the Internet, the SMTP server must be in the local area network to send reports to the administrator.
In some cases, the application does not delete files that were created by malware.
The application does not delete or restore files used by another process.
The application does not protect or restore files located on storage devices that have a file system other than NTFS.
The application does not restore registry keys created by malware.
The application does not support EFS-encrypted files.
When processes or process flows affected by malware are terminated, the operating system might become unstable.
The application rolls back all file modifications that were made during analysis of a process.
In some cases, empty folders may remain after the application has been uninstalled.
In rare cases, the application interface may become unstable if the application is used in multiple user sessions. This problem does not affect the protection level.
Reports include information on detected objects only. If an object could not be scanned, this information is not included in a report.
The application settings are not automatically transferred when updating from the beta1 and beta2 versions.
For the Trusted machines feature to work, the Audit logon events function must be enabled in Windows.
The application does not detect activity in the shared folders of legitimate software that could be used to damage the user's data or adware activity.
The application may not determine the exact IP address or name of the remote machine that initiates malicious activity in the shared folders. However, the session of the attacking machine is blocked for a period specified in the settings.
The application does not control file changes initiated through the loopback interface if a software running on a computer tries to access files located on the same computer and available for modification over the network.
The application does not control file changes initiated by processes running at the operating system kernel level.
As part of the rollback procedure, files can be downloaded from a cloud storage to the folder specified in the cloud storage settings.